示例#1
0
        /// <summary>
        /// Performs the secure handshake so we can start sending messages.
        /// </summary>
        /// <returns></returns>
        private async Task HandshakeAsync()
        {
            // wait on semaphore
            await _handshakeSemaphore.WaitAsync();

            // check if we got raced
            if (_serverEncryptionKey != null && !SecureUtils.HasTimeSlotExpired(_serverEncryptionKeyTimeSlot, false))
            {
                return;
            }

            try {
                // create client key
                GenerateHandshakeKey();

                // get certificate if we don't have it yet
                if (_serverCertificate == null)
                {
                    // log
#if DEBUG_SECURE
                    Console.WriteLine($"[Secure] Handshake Requesting certificate...");
#endif

                    // request certificate
                    SecureHeader requestCertificate = new SecureHeader(SecureHeader.HeaderVersion, SecureMessageType.RequestCertificate);

                    // send request
                    Envelope respondCert = await _node.AskAsync(_address, new byte[0], _configuration.HandshakeTimeout, new Dictionary <string, object>() {
                        { SecureHeader.HeaderName, requestCertificate.ToString() }
                    });

                    // parse response header
                    SecureHeader respondCertHeader = null;

                    try {
                        respondCertHeader = new SecureHeader(Encoding.UTF8.GetString(respondCert.Headers[SecureHeader.HeaderName] as byte[]));
                    } catch (Exception ex) {
                        throw new InvalidDataException("The certificate request response header was invalid", ex);
                    }

                    // check if the certificate response is an error or if it's an incorrect type
                    if (respondCertHeader.Type == SecureMessageType.Error)
                    {
                        SecureErrorMsg errorMsg = respondCert.AsProtoBuf <SecureErrorMsg>();

                        throw new SecurityException($"{errorMsg.Message} ({errorMsg.Code})");
                    }
                    else if (respondCertHeader.Type != SecureMessageType.RespondCertificate)
                    {
                        throw new InvalidDataException("The certificate request response header was invalid");
                    }

                    // decode the certificate response and then check it has actual data
                    SecureRespondCertificateMsg respondCertMsg = respondCert.AsProtoBuf <SecureRespondCertificateMsg>();

                    if (respondCertMsg.CertificateData == null)
                    {
                        throw new InvalidDataException("The certificate request response was invalid");
                    }

                    // load certificate from response
                    X509Certificate2 cert = new X509Certificate2(respondCertMsg.CertificateData);

                    // validate it's allowed to act as this service
                    if (_configuration.ValidateAddress)
                    {
                        // check extension is actually there
                        if (cert.Extensions["HolonSecureServices"] == null)
                        {
                            throw new InvalidDataException("The service certificate has no claim for the invoked operation");
                        }

                        // parse extension
                        X509Extension servicesExt = cert.Extensions["HolonSecureServices"];
                    }
                    else
                    {
#if DEBUG_SECURE
                        Console.WriteLine($"[Secure] Handshake WARNING: Not validating services due to configuration!");
#endif
                    }

                    // validate that it's signed by ca authority
                    if (_configuration.ValidateAuthority)
                    {
                        X509Chain chain = new X509Chain();
                        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
                        chain.ChainPolicy.ExtraStore.Add(_configuration.RootAuthority);
                        chain.Build(cert);

                        // get status
                        X509ChainStatus status = chain.ChainStatus.First();

                        if (status.Status != X509ChainStatusFlags.UntrustedRoot && status.Status != X509ChainStatusFlags.NoError)
                        {
                            throw new InvalidDataException("The service certificate is not signed by the root authority");
                        }
                    }
                    else
                    {
#if DEBUG_SECURE
                        Console.WriteLine($"[Secure] Handshake WARNING: Not validating authority due to configuration!");
#endif
                    }

                    // log
#if DEBUG_SECURE
                    Console.WriteLine($"[Secure] Handshake Got certifcate {cert.Subject} ({cert.Thumbprint})");
#endif

                    _serverCertificate = cert;
                }

                // log
#if DEBUG_SECURE
                Console.WriteLine($"[Secure] Handshake Requesting key... FirstTime: {_serverEncryptionKey == null}");
#endif

                // key request
                SecureRequestKeyMsg requestKeyMsg = new SecureRequestKeyMsg()
                {
                    HandshakeIV  = _handshakeEncryptionIV,
                    HandshakeKey = _handshakeEncryptionKey
                };
                SecureHeader requestKey = new SecureHeader(SecureHeader.HeaderVersion, SecureMessageType.RequestKey);

                // send request
                Envelope respondKey = null;

                using (RSA rsa = _serverCertificate.GetRSAPublicKey()) {
                    using (MemoryStream ms = new MemoryStream()) {
                        // serialize to stream
                        Serializer.Serialize(ms, requestKeyMsg);

                        // encrypt with server certificate
                        byte[] keyRequestBody = rsa.Encrypt(ms.ToArray(), RSAEncryptionPadding.Pkcs1);

                        respondKey = await _node.AskAsync(_address, keyRequestBody, _configuration.HandshakeTimeout, new Dictionary <string, object>() {
                            { SecureHeader.HeaderName, requestKey.ToString() }
                        });
                    }
                }

                // parse response
                SecureHeader respondKeyHeader = null;

                try {
                    respondKeyHeader = new SecureHeader(Encoding.UTF8.GetString(respondKey.Headers[SecureHeader.HeaderName] as byte[]));
                } catch (Exception ex) {
                    throw new InvalidDataException("The key request response header was invalid", ex);
                }

                // check if the key response is an error or if it's an incorrect type
                if (respondKeyHeader.Type == SecureMessageType.Error)
                {
                    SecureErrorMsg errorMsg = respondKey.AsProtoBuf <SecureErrorMsg>();

                    throw new SecurityException($"{errorMsg.Message} ({errorMsg.Code})");
                }
                else if (respondKeyHeader.Type != SecureMessageType.RespondKey)
                {
                    throw new InvalidDataException("The key request response header was invalid");
                }

                // try and decrypt
                using (MemoryStream decryptedStream = new MemoryStream()) {
                    using (Aes aes = Aes.Create()) {
                        aes.Key = _handshakeEncryptionKey;
                        aes.IV  = _handshakeEncryptionIV;

                        using (CryptoStream decryptStream = new CryptoStream(respondKey.AsStream(), aes.CreateDecryptor(), CryptoStreamMode.Read)) {
                            decryptStream.CopyTo(decryptedStream);
                        }
                    }

                    // seek to beginning
                    decryptedStream.Seek(0, SeekOrigin.Begin);

                    // deserialize
                    SecureRespondKeyMsg respondKeyMsg = Serializer.Deserialize <SecureRespondKeyMsg>(decryptedStream);

                    // validate key
                    if (respondKeyMsg.ServerKey == null || respondKeyMsg.ServerNonce == null || respondKeyMsg.ServerKey.Length != 16)
                    {
                        throw new InvalidDataException("The secure key is invalid");
                    }

                    // log
#if DEBUG_SECURE
                    Console.WriteLine($"[Secure] Handshake Got key Timeslot: {respondKeyMsg.KeyTimeSlot} Nonce: {BitConverter.ToString(respondKeyMsg.ServerNonce).Replace("-", "")}");
#endif

                    // set server encryption key
                    _serverEncryptionKey         = respondKeyMsg.ServerKey;
                    _serverNonce                 = respondKeyMsg.ServerNonce;
                    _serverEncryptionKeyTimeSlot = respondKeyMsg.KeyTimeSlot;
                }
            } finally {
                // make sure to release semaphore no matter what
                _handshakeSemaphore.Release();
            }
        }
示例#2
0
        /// <summary>
        /// Handles handshake and encrypted envelopes.
        /// </summary>
        /// <param name="envelope">The envelope.</param>
        /// <returns></returns>
        public async Task <bool> HandleAsync(Envelope envelope)
        {
            // check for secure header
            SecureHeader secureHeader = null;

            try {
                if (envelope.Headers.ContainsKey(SecureHeader.HEADER_NAME))
                {
                    secureHeader = new SecureHeader(Encoding.UTF8.GetString(envelope.Headers[SecureHeader.HEADER_NAME] as byte[]));
                }
            } catch (Exception) {
                if (envelope.ID != Guid.Empty)
                {
                    await ReplyErrorAsync(envelope, new SecureErrorMsg()
                    {
                        Code    = "ProtocolInvalid",
                        Message = "The secure message header format is invalid"
                    });
                }

                return(false);
            }

            // check if it's a secure message or not
            if (secureHeader != null && envelope.ID != Guid.Empty)
            {
                if (secureHeader.Type == SecureMessageType.RequestCertificate)
                {
#if DEBUG_SECURERPC
                    Console.WriteLine($"[SecureFilter] {nameof(RpcSecureMessageType.RequestCertificate)}");
#endif

                    // build response
                    SecureRespondCertificateMsg respondCertificateMsg = new SecureRespondCertificateMsg();
                    respondCertificateMsg.CertificateData = _certificate.Export(X509ContentType.Cert);

                    // build reply
                    using (MemoryStream ms = new MemoryStream()) {
                        Serializer.Serialize(ms, respondCertificateMsg);

                        // reply
                        await envelope.Node.ReplyAsync(envelope.ReplyTo, envelope.ID, ms.ToArray(), new Dictionary <string, object>() {
                            { SecureHeader.HEADER_NAME, new SecureHeader(SecureHeader.HEADER_VERSION, SecureMessageType.RespondCertificate).ToString() }
                        });
                    }

                    return(false);
                }
                else if (secureHeader.Type == SecureMessageType.RequestKey)
                {
                    // decrypt
                    byte[] decryptedBody = null;

                    using (RSA rsa = _certificate.GetRSAPrivateKey()) {
                        decryptedBody = rsa.Decrypt(envelope.Body, RSAEncryptionPadding.Pkcs1);
                    }

                    // deserialize key request
                    SecureRequestKeyMsg requestKeyMsg = null;

                    using (MemoryStream ms = new MemoryStream(decryptedBody)) {
                        requestKeyMsg = Serializer.Deserialize <SecureRequestKeyMsg>(ms);
                    }

                    // validate that the data is there and is the correct size, if not send an error back
                    if (requestKeyMsg.HandshakeIV == null || requestKeyMsg.HandshakeKey == null || requestKeyMsg.HandshakeIV.Length != 16 || requestKeyMsg.HandshakeKey.Length != 16)
                    {
                        await ReplyErrorAsync(envelope, new SecureErrorMsg()
                        {
                            Code    = "ProtocolInvalid",
                            Message = "The request key data was invalid"
                        });

                        return(false);
                    }

                    // generate random nonce
                    byte[] nonceBytes = new byte[16];

                    using (RandomNumberGenerator rng = RandomNumberGenerator.Create()) {
                        rng.GetBytes(nonceBytes);
                    }

                    // process key request
                    long   timeSlot = SecureUtils.GetNextTimeSlot();
                    byte[] keyBytes = SecureUtils.GenerateKey(nonceBytes, timeSlot, _secret);

                    // log
#if DEBUG_SECURERPC
                    Console.WriteLine($"[SecureFilter] {nameof(RpcSecureMessageType.RequestKey)} TimeSlot: {timeSlot} Nonce: {BitConverter.ToString(nonceBytes).Replace("-", "")}");
#endif

                    // build response
                    SecureRespondKeyMsg respondKeyMsg = new SecureRespondKeyMsg();
                    respondKeyMsg.ServerNonce = nonceBytes;
                    respondKeyMsg.ServerKey   = keyBytes;
                    respondKeyMsg.KeyTimeSlot = timeSlot;

                    // encode and encrypt
                    byte[] respondKeyBody = null;

                    using (Aes aes = Aes.Create()) {
                        // setup aes
                        aes.Key = requestKeyMsg.HandshakeKey;
                        aes.IV  = requestKeyMsg.HandshakeIV;

                        // build body
                        using (MemoryStream ms = new MemoryStream()) {
                            // encrypt using client key
                            using (CryptoStream cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write)) {
                                Serializer.Serialize(cs, respondKeyMsg);
                            }

                            // get output
                            respondKeyBody = ms.ToArray();
                        }
                    }

                    // reply
                    await envelope.Node.ReplyAsync(envelope.ReplyTo, envelope.ID, respondKeyBody, new Dictionary <string, object>() {
                        { SecureHeader.HEADER_NAME, new SecureHeader(SecureHeader.HEADER_VERSION, SecureMessageType.RespondKey).ToString() }
                    });

                    return(false);
                }
                else if (secureHeader.Type == SecureMessageType.RequestMessage)
                {
                    // deserialize key request
                    SecureMessageMsg msg = null;

                    using (MemoryStream ms = new MemoryStream(envelope.Body)) {
                        msg = Serializer.Deserialize <SecureMessageMsg>(ms);
                    }

                    // validate the data is there and is correct length, if not send invalid data
                    if (msg.Payload == null || msg.ServerNonce == null || msg.ServerNonce.Length != 16)
                    {
                        await ReplyErrorAsync(envelope, new SecureErrorMsg()
                        {
                            Code    = "ProtocolInvalid",
                            Message = "The request message data was invalid"
                        });

                        return(false);
                    }

                    // log
#if DEBUG_SECURERPC
                    Console.WriteLine($"[SecureFilter] {nameof(RpcSecureMessageType.RequestMessage)} TimeSlot: {msg.KeyTimeSlot} Nonce: {BitConverter.ToString(msg.ServerNonce).Replace("-", "")}");
#endif

                    // validate expiry of time slot
                    if (SecureUtils.HasTimeSlotExpired(msg.KeyTimeSlot, true))
                    {
                        await ReplyErrorAsync(envelope, new SecureErrorMsg()
                        {
                            Code    = "KeyExpired",
                            Message = "The secure message is encrypted with an outdated key"
                        });

                        return(false);
                    }

                    // get key
                    byte[] keyBytes = SecureUtils.GenerateKey(msg.ServerNonce, msg.KeyTimeSlot, _secret);

                    using (MemoryStream decryptedPayloadStream = new MemoryStream()) {
                        using (MemoryStream payloadStream = new MemoryStream(msg.Payload)) {
                            using (Aes aes = Aes.Create()) {
                                aes.Key = keyBytes;
                                aes.IV  = msg.ServerNonce;

                                using (CryptoStream decryptStream = new CryptoStream(payloadStream, aes.CreateDecryptor(), CryptoStreamMode.Read)) {
                                    decryptStream.CopyTo(decryptedPayloadStream);
                                }
                            }
                        }

                        // modify body and set reply channel
                        envelope.Body    = decryptedPayloadStream.ToArray();
                        envelope.Channel = new SecureReplyChannel(envelope, keyBytes, msg.ServerNonce);

                        return(true);
                    }
                }
                else
                {
                    // log
#if DEBUG_SECURERPC
                    Console.WriteLine($"[SecureFilter] Unimplemented message type!");
#endif

                    await ReplyErrorAsync(envelope, new SecureErrorMsg()
                    {
                        Code    = "ProtocolViolation",
                        Message = "The message type is not relevant or is invalid"
                    });

                    return(false);
                }
            }
            else
            {
                return(true);
            }
        }